Only the latest main branch is actively supported with security updates. We recommend always using the latest version of the registry components and templates.

Please do not report security vulnerabilities through public GitHub issues.

If you believe you have found a security vulnerability in Watermelon Platform, please report it privately to our security team. You can reach out directly via our email or use GitHub's private vulnerability reporting feature on the repository.

We will acknowledge receipt of your vulnerability report as soon as possible and strive to send you regular updates about our progress.

For a prompt and effective response, please include the following in your report:

• A description of the vulnerability including its impact.
• Steps to reproduce the issue (code snippets or a proof of concept).
• The version(s) of the application affected.
• Possible mitigations or solutions, if known.

Thank you for helping us keep Watermelon Platform safe!